# OpenShift v4.6.43 - CRI-O PID Leak Causing High Memory Utilization
# - RefURL
# [1]: https://access.redhat.com/solutions/6304881
# [2]: https://bugzilla.redhat.com/show_bug.cgi?id=1997062
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: execpid-cleaner
namespace: kube-system
spec:
selector:
matchLabels:
name: execpid-cleaner
template:
metadata:
labels:
name: execpid-cleaner
spec:
tolerations:
- operator: Exists
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: node.openshift.io/os_id
operator: In
values:
- "rhcos"
terminationGracePeriodSeconds: 5
containers:
- name: execpid-cleaner
image: [your-private-registry-ip-or-domain:port]/openshift4/release:4.6.43-tools
command:
- sh
- -c
- |
set -euo pipefail
while true; do
printf "%s Running cleanup:\n" "$(date)"
set -x
find /run/crio/exec-pid-dir -type f -mmin +5 -exec rm -f {} \;
sleep 5m
set +x
done
securityContext:
privileged: true
resources:
limits:
memory: 64Mi
requests:
memory: 64Mi
volumeMounts:
- name: exec-pid-dir
mountPath: /run/crio/exec-pid-dir
volumes:
- name: exec-pid-dir
hostPath:
path: /run/crio/exec-pid-dir